[Openid-specs-ab] Spec call notes 27-Aug-12

Mike Jones Michael.Jones at microsoft.com
Tue Aug 28 00:01:43 UTC 2012

Spec call notes 27-Aug-12

John Bradley
Mike Jones
Edmund Jay
Pamela Dingle
Nat Sakimura

                Open Issues

                Now unblocked to do edits for issues
                Nat, John, Edmund, and Mike all have assigned issued to do edits for

Open Issues:
                #614: Discovery - 3.2 Distinguishing between signature and integrity parameters for HMAC algorithms
                                Will need to be updated following upcoming JOSE checkins
                #627: Discovery 3.2 - HTTP response code
                                John added comments about redirects
                #601: Standard - No way of doing IdP initiated login defined
                                We still need to define a mechanism for IdP initiated login
                                We need to define how this relates to the current OAuth messages
                                We could define a special "IdP-initiated" state value
                                We need to define relay state behaviors
                                We might need to add additional claims and/or parameters
                                John and Pam are thinking about a design for this
                We went through the other unassigned issues - most required more people to discuss/resolve than were on the call

                Once Roland
                Pam wants to set up a two-hour test-a-thon WebEx meeting
                                We're anticipating doing this in about 3 weeks
                We could also have some working interop sessions during IIW

                We need to decide on what to do the Monday before IIW
                We should probably have an in-person WG meeting to close remaining open issues
                                Mike will ask Eric if Google can host
                Unfortunately, Nat and Tony will be at ISO that week

                Nonce/Timestamp issue
                                The primary usage may be a representation of entropy
                                And a way to detect duplicate messages
                                One reason to include it in the header is it is not encrypted, so could be processed by intermediaries
                                John will try to answer some of Axel's and Brian's questions on the list
                The issue voting remains open this week - people should read the issues and vote on them

                Resolution of the W3C coordination issue was delayed due to vacations
                                All parties should be back this week and Mike will follow up
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20120828/963355e1/attachment.html>

More information about the Openid-specs-ab mailing list